RubyGems - selfsdk - Versions diffs - 0.0.128 → 0.0.129 - Mend

selfsdk 0.0.128 → 0.0.129

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 125110bf24194be23beb2ef32eaffc67cdd4fb0f0124c8b6bc2da283fc7cf999
-  data.tar.gz: f058e20f529c0c71480b673cb78d511bee67056a2c8aa215663552443311be4d
+  metadata.gz: 7ba1c83bef5db464131c2343e7f81500c1e5175fd9f740b7563dad90613dd73c
+  data.tar.gz: 12c89161d2837b4f6dba855b43bd554fcb6380dbd207fe7482e9f9fcef4d8493
 SHA512:
-  metadata.gz: 1748a529d80ef342b18d4a8a8e9b2ab14191d478ce7d431c5ce192ac6052e05a20b62cc27851cc3f890eacbef65fe2f4850a934d99a50f3879f90698b6abbd86
-  data.tar.gz: 1648159549fa5474b98a141a7df7fe2901a50f0472e9e0cc03da0e65ab923ed52c8589344b34aff25b9dd9c32e1ad9e9abe65ed6b52c11364520139dde1aae61
+  metadata.gz: bd1a8234d5d4ba9ef9589ed41e2a60e9313aa2ba45d3de46f428db95e716125dc9213dff852025643e2c1bafc9342cb3e823eb435e3ed903947161d08c9252bb
+  data.tar.gz: 52c50572cf2587106fb160b3042faeb8c129d2bc35d8df9ee6a29a1b7617af7723be54a16b43190c774ed93a4d694a0cfacc85e0882b5867229f8fdd0ce0c390

data/lib/client.rb CHANGED

@@ -59,6 +59,7 @@ module SelfSDK
     # Lists all public keys stored on self for the given ID
     #
     # @param id [string] identity id
+    # DEPRECATED
     def public_keys(id)
       i = entity(id)
       i[:public_keys]

@@ -15,7 +15,8 @@ module SelfSDK
         @to = payload[:sub]
         @audience = payload[:aud]
         @source = payload[:source]
-        @verified = valid_signature?(attestation)
+        header = JSON.parse(@messaging.jwt.decode(attestation[:protected]), symbolize_names: true)
+        @verified = valid_signature?(attestation, header[:kid])
         @expected_value = payload[:expected_value]
         @operator = payload[:operator]
         @fact_name = name.to_s
@@ -24,8 +25,8 @@ module SelfSDK
         end
       end
-      def valid_signature?(body)
-        k = @messaging.client.public_keys(@origin).first[:key]
+      def valid_signature?(body, kid)
+        k = @messaging.client.public_key(@origin, kid).raw_public_key
         raise ::StandardError.new("invalid signature") unless @messaging.jwt.verify(body, k)
         true

data/lib/messages/base.rb CHANGED

@@ -72,13 +72,14 @@ module SelfSDK
         jwt = JSON.parse(body, symbolize_names: true)
         payload = JSON.parse(@jwt.decode(jwt[:payload]), symbolize_names: true)
+        header = JSON.parse(@jwt.decode(jwt[:protected]), symbolize_names: true)
         @from = payload[:iss]
-        verify! jwt
+        verify! jwt, header[:kid]
         payload
       end
-      def verify!(jwt)
-        k = @client.public_keys(@from).first[:key]
+      def verify!(jwt, kid)
+        k = @client.public_key(@from, kid).raw_public_key
         return if @jwt.verify(jwt, k)
         SelfSDK.logger.info "skipping message, invalid signature"

data/lib/messaging.rb CHANGED

@@ -44,7 +44,7 @@ module SelfSDK
       @offset_file = "#{@storage_dir}/#{@jwt.id}:#{@device_id}.offset"
       @offset = read_offset
-      FileUtils.mkdir_p @storage_dir unless File.exists? @storage_dir
+      FileUtils.mkdir_p @storage_dir unless File.exist? @storage_dir
       if options.include? :ws
         @ws = options[:ws]

data/lib/services/identity.rb CHANGED

@@ -27,9 +27,10 @@ module SelfSDK
       # Gets an identity public keys
       #
       # @param [String] selfid gets the identity details (app/user)
+      # @param [String] kid the public key id.
       # @return [Array] with the identity public keys
-      def public_keys(selfid)
-        @client.public_keys(selfid)
+      def public_key(selfid, kid)
+        @client.public_key(selfid, kid).public_key
       end
       # Gets an app/identity details

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: selfsdk
 version: !ruby/object:Gem::Version
-  version: 0.0.128
+  version: 0.0.129
 platform: ruby
 authors:
 - Aldgate Ventures